c796aeae1b5d130af5b35177c02e0fee823f6764bca352661d4a045f301c5b6f

Sharing

Copy URL Twitter E-mail

General

Target

c796aeae1b5d130af5b35177c02e0fee823f6764bca352661d4a045f301c5b6f
Size

346KB
MD5

e0a9064de26e856ffe6d80af108567a7
SHA1

ee507cc2d8480f7d20e0dbc747c066d5a520f578
SHA256

c796aeae1b5d130af5b35177c02e0fee823f6764bca352661d4a045f301c5b6f
SHA512

55c497b26e1173f3cd34b1dd7faa45723298e4bfc6e1ebccf111bffedd7ad44fde0b2f278597217f5789cc4c41846e58c8aa73fd99a7dce0d4eceb98cd3b209d
SSDEEP

6144:pJ8vwfHlTxVPSzx58Chzb1lLLiY03yekmqu00Zr7sth8Hi80IVPnJhdLVUUCNQy:r8IPlfKakLiY03yekmqu00Zr7sth8HiM

Score

N/A

Malware Config

Signatures

Files

c796aeae1b5d130af5b35177c02e0fee823f6764bca352661d4a045f301c5b6f
.dll regsvr32 windows x86

db4859076474a0a0996f61ac8aaef0e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
lstrcatA
FindFirstFileA
FindClose
MulDiv
SetCurrentDirectoryA
FindResourceA
LoadResource
LockResource
lstrcpyA
GetModuleFileNameA
SearchPathA
CreateFileA
lstrcpynA
GetCurrentDirectoryA
GlobalAlloc
GlobalLock
CloseHandle
lstrcmpiA
lstrlenW
lstrlenA
GlobalHandle
GlobalUnlock
GlobalFree
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
_lclose
_lopen
DeleteCriticalSection
MultiByteToWideChar
FreeLibrary
SizeofResource
GetLastError
HeapDestroy
GetCurrentProcess
GetModuleHandleA
GetCurrentThreadId
WideCharToMultiByte
LoadLibraryExA
ReadFile
SetFilePointer
DisableThreadLibraryCalls
HeapCreate
GetLocaleInfoW
SetStdHandle
GetLocaleInfoA
FlushFileBuffers
LoadLibraryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
TerminateProcess
InitializeCriticalSection
GetProcAddress
VirtualAlloc
ExitProcess
VirtualFree
TlsSetValue
TlsGetValue
SetLastError
TlsFree
TlsAlloc
HeapFree
GetVersion
GetCommandLineA
HeapReAlloc
HeapAlloc

user32

IsDlgButtonChecked
ReleaseDC
CreateWindowExA
CallWindowProcA
GetClassInfoExA
LoadCursorA
RegisterClassExA
SetWindowLongA
BeginPaint
GetClientRect
EndPaint
SetDlgItemTextA
SetDlgItemInt
GetDlgItemInt
GetDlgItemTextA
EnableWindow
GetDlgItem
GetParent
DestroyWindow
IsWindow
ShowWindow
MoveWindow
WinHelpA
IsDialogMessageA
LoadStringA
GetDialogBaseUnits
CreateDialogParamA
CheckDlgButton
InvalidateRect
GetDC
DefWindowProcA
PtInRect
UnionRect
DrawIcon
LoadIconA
wsprintfA
CharNextA
SetWindowPos
SetFocus
SetWindowRgn
OffsetRect
EqualRect
IntersectRect

gdi32

GetTextMetricsA
GetTextExtentPointA
DeleteObject
SelectObject
CreateFontIndirectA
GetDeviceCaps
Rectangle
GetStockObject
GetPaletteEntries
GetObjectA
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
RestoreDC
SetWindowExtEx
SetWindowOrgEx
SaveDC
CreateMetaFileA
DeleteDC
SetViewportOrgEx
SetMapMode
LPtoDP
CreateDCA

advapi32

RegQueryInfoKeyA
RegQueryValueExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExA

ole32

CoCreateInstance
CoTaskMemAlloc
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemFree
CoTaskMemRealloc
WriteClassStm
OleSaveToStream
OleLoadFromStream
ProgIDFromCLSID
CreateOleAdviseHolder

oleaut32

LoadRegTypeLi
VariantInit
OleCreateFontIndirect
OleTranslateColor
VarI4FromStr
SysAllocStringByteLen
SysStringByteLen
SysAllocString
VariantClear
SetErrorInfo
CreateErrorInfo
RegisterTypeLi
LoadTypeLi
OleCreatePropertyFrame
SysStringLen
SysFreeString
UnRegisterTypeLi
VariantChangeType

ltdlg13n

ord129
ord106
ord139
ord135
ord114
ord116
ord112
ord125
ord108
ord110
ord107
ord100
ord101
ord103
ord102
ord127
ord136
ord134
ord137
ord138
ord140
ord126
ord109
ord128

ltkrn13n

ord197
ord125
ord116
ord123
ord134
ord112
ord196

Exports

Exports

?HelpEventCallback@@YGXKHPAX@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db4859076474a0a0996f61ac8aaef0e5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

ltdlg13n

ltkrn13n

Exports

Exports

Sections

.text Size: 92KB - Virtual size: 91KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 146KB - Virtual size: 152KB

.rsrc Size: 74KB - Virtual size: 74KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 92KB - Virtual size: 91KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 146KB - Virtual size: 152KB

.rsrc
Size: 74KB - Virtual size: 74KB

.reloc
Size: 16KB - Virtual size: 16KB